Mendocino College board talks cybersecurity and visions for future

Visions for the future also part of study session

The Mendocino College board of trustees held an informational board meeting on Tuesday to learn more about cybersecurity, college program management, and potential strategic plans for the college going forward.

According to Mendocino College President Arturo Reyes, the topics were not an action item, but the trustees had wanted to discuss the issues for some time.

Director of Information Technology Karen Christopherson gave the board a presentation about the need to put preventative measures in place to minimize cybersecurity risks to the college.

Part of the discussion focused on the need to improve protection for Wi-Fi in the future. Christopherson emphasized the importance of paying closer attention to Wi-Fi security, hacking and passwords.

As colleges increase the use of devices controlled through Wi-Fi, protecting access to Wi-Fi networks will become paramount. Christopherson also suggested upgrading the password management from eight characters to 12.

Mendocino College’s Information Technology department also recommended doing more in prevention to limit cybersecurity risks at the college. Preventative measures include restricting network remote access for people at home, inventory hardware, software, limiting local administrative privileges, and preventing unauthorized software from being installed.

The California Community Colleges Information Security Center, a resource system that assists with security awareness training and standards, will also conduct cybersecurity awareness training and additional information security assessment in the future for the college. The CCC Information Security Center will also perform testing on overall preparedness and what areas still need work.

To protect Mendocino College from cyber attacks, BRIT Data Safe provides security assessment and regular webinars on emerging trends and hot topics related to cybersecurity. It also works with the district to provide cyber insurance.

In the event of a cyber breach, the company will provide counsel to the school and give advice on what steps to take. BRIT will also pay cyber extortion on the college’s behalf and take on the cost of hiring a public relations firm to deal with negative publicity or the media.

The presentation highlighted some of the steps that the school took over the past few years to make sure there is a system in place to protect personal information. Although there has not been any known hacking attempt at Mendocino College, the school had heard about other security breaches at other colleges and felt it was prudent to have safeguards ready, Reyes said.

“We would rather be proactive and have things in place and inform the board about what we are doing so the board can rest assured that we have everything in place that we need to prevent it and maintain than to recover if we did have some situation,” Reyes said.

The board also discussed the preliminary Mendocino-Lake Community College District 2018 Strategic Plan. The strategic plan will cover a six-year period and will highlight the goals and core elements of the college in that time.

The college decided to focus on the five themes of: commitment to learning, dedicated to community, adaptive to change, home to diversity, and gateway to opportunity.

The Strategic Plan tried to incorporate the chancellor’s office directives, the evolving needs of the community, faculty views, and the changing student demographics that include more Latino and Native American students. As part of the strategic plan, the board discussed ideas for how the school could put the themes into action.

Some members of the board suggested establishing and maintaining a career center that connects students with jobs, training, and transfers education opportunities. Other options included getting the local business community more involved with providing career paths for students and turning Mendocino College into a 24/7 campus to better meet student needs.